News & Analysis as of

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

Business Associate Definition Expanded and HHS Empowered to Impose New Civil Fines

Long-awaited omnibus regulations (Omnibus Rule) adopted earlier this year by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) made significant modifications impacting “business associates” to...more

WellPoint agrees to pay $1.7M in HIPAA penalties: what this tells you

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced that WellPoint, Inc. agreed to pay $1.7 million to settle potential violations of the Health Insurance Portability and...more

Shasta Regional Medical Center Pays $275,000, Enters into Corrective Action Plan to Resolve Alleged HIPAA Privacy Rule Violations...

Shasta Regional Medical Center (Shasta) has agreed to pay $275,000 and enter into a corrective action plan (CAP) with the U.S. Department of Health and Human Services Office for Civil Rights (OCR) to resolve allegations that...more

Is Your Firewall On? Are You Sure? Idaho State University Settles Privacy Rule Violations for $400,000

The HHS Office of Civil Rights (OCR) recently announced a $400,000 settlement with Idaho State University (ISU) following a lengthy investigation of the privacy and security practices at ISU outpatient clinics. In addition to...more

Large Educational/Health System Targeted For HIPAA Enforcement

Idaho State University (ISU) was recently the target of an investigation and enforcement action for violations of the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA)....more

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Changes to the HIPAA Enforcement Rule - Background: On October 30, 2009, HHS issued an interim final rule revising the Enforcement Rule to incorporate provisions of the HITECH Act. The NPRM then proposed a number of...more

HHS Publishes Long-Awaited Final Omnibus Rules for HIPAA

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published today the final regulations for the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (the Omnibus Rules). The Omnibus...more

HITECH Omnibus Rule Basics

As we pore through the 562-page HITECH Omnibus Rule released by the Department of Health and Services late yesterday afternoon, here are some top line bullet points...more

The HIPAA/HITECH Final Rule Has Been Released

The long awaited HIPAA/HITECH Final Rule is out. The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance....more

CLIENT ALERT: HHS Announces More Than $1 Million Each In Penalties For HIPAA Security Rule Violations

Businesses subject to HIPAA rules should take note of recent penalties imposed by the U.S. Department of Health and Human Services (“HHS”). Penalties of more than $1 million each were leveled as a result of Security Rule...more

Boston-Area Hospital to Pay $1.5 Million to Settle HIPAA Violations Over Security Breach

On September 17, 2012, Massachusetts Eye and Ear Infirmary, a Boston area hospital, has agreed to pay $1.5 million to the U.S. Department of Health and Human Services to settle allegations of violations of the HIPAA Security...more

Health Law Alert: Medicaid Pays $1,700,000 to Settle HIPAA Security Violations

In its first enforcement action against a state agency, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled last month with Alaska’s Department of Health and Social Services (DHSS) for...more

13 Results
|
View per page
Page: of 1